about summary refs log tree commit diff
path: root/src/indieauth.rs
Commit message (Collapse)AuthorAgeFilesLines
* Small tweaks, additions and preparationsVika2022-02-211-9/+3
|
* Make the HTTP client a genericVika2022-02-211-7/+5
| | | | | | This adds the ability to use mocks that don't actually touch the network and alternative transports such as using OpenSSL instead of rustls (but rustls is still superior).
* indieauth/require_token(): reject with 401 when no headerVika2022-02-211-2/+34
|
* Add a module for IndieAuth bearer token authVika2022-02-211-201/+245
| | | | | | | | | | | | | require_token() uses a token endpoint URI and an HTTP client to query the token endpoint and return a User object if the user was authorized, or rejecting with IndieAuthError if not. It is recommended to use recover() and catch the IndieAuthError at the application level to show a "not authorized" error message to the user. This function is more intended for API consumption, but is general enough to permit using in other scenarios. TODO: make a variant that returns Option<User> instead of rejecting
* Appease rustfmt, clippy and cargo checkVika2021-07-291-8/+17
|
* Added an internal token mechanismVika Shleina2021-07-271-0/+11
| | | | | | | | The internal token is a shared secret that can update and delete any posts stored in the database. It is intended for use in webmention endpoints to update posts with latest webmentions. Please keep it safe.
* Replaced scheme with HTTPS in frontend to prevent weird thingsVika Shleina2021-07-191-1/+1
|
* Make clippy happyVika2021-05-171-1/+1
|
* Make rustfmt happyVika2021-05-171-28/+71
|
* Added a debug shim to IndieAuthMiddleware that makes it a no-op in staging ↵Vika2021-05-091-1/+15
| | | | (except unit tests)
* Added rudimentary caching to IndieAuth middlewareVika2021-05-051-27/+83
|
* Deleted a loose TODOVika2021-05-051-1/+0
|
* Initial commitVika2021-05-041-0/+116
Working features: - Sending posts from the database - Reading posts from the database - Responding with MF2-JSON (only in debug mode!) - Not locking the database when not needed - All database actions are atomic (except for a small race where UIDs can clash, but that's not gonna happen often) TODOs: - Send webmentions - Send syndication requests - Send WebSub notifications - Make tombstones for deleted posts (update adding dt-deleted) - Rich reply contexts (possibly on the frontend part?) - Frontend? - Fix UID race Code maintenance TODOs: - Split the database module - Finish implementing the in-memory test database - Make RedisDatabase unit tests launch their own Redis instances (see redis-rs/tests/support/mod.rs for more info) - Write more unit-tests!!!